Search

published date: May 7, 2025

CVE-2025-2775 : XML External Entity (XXE) Injection Vulnerability

SysAid On-Premises [Suspected]

Description

SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the Checkin processing functionality, allowing for administrator account takeover and file read primitives.

Product(s):

  • SysAid On-Premises

Question to Ask Vendors:

  1. Have you updated all instances of SysAid On-Premises to version 24.4.60 b16 or later to mitigate the risk of CVE-2025-2775, CVE-2025-2776, and CVE-2025-2777?
  2. Can you confirm that all external access points to SysAid endpoints (/mdm/checkin, /mdm/serverurl, /lshw) have been appropriately secured or restricted from unauthorized external connections to prevent XML External Entity (XXE) injection and Server-Side Request Forgery (SSRF)?
  3. Have you implemented monitoring measures to detect suspicious or malicious requests targeting the SysAid endpoints (/mdm/checkin, /mdm/serverurl, /lshw) that were previously vulnerable to XXE injection and SSRF?
  4. Have you reviewed and updated your incident response procedures to ensure rapid identification and remediation capabilities for XXE-based vulnerabilities, specifically those identified in CVE-2025-2775, CVE-2025-2776, and CVE-2025-2777?

READY TO GET RESULTS YOU CAN TRUST?